# Microsoft Defender ## Display a list of cmdlets contained in the Defender module ```powershell Get-Command -Module Defender ``` ```powershell > Get-Command -Module Defender CommandType Name Version Source ----------- ---- ------- ------ Function Add-MpPreference 1.0 Defender Function Get-MpComputerStatus 1.0 Defender Function Get-MpPreference 1.0 Defender Function Get-MpThreat 1.0 Defender Function Get-MpThreatCatalog 1.0 Defender Function Get-MpThreatDetection 1.0 Defender Function Remove-MpPreference 1.0 Defender Function Remove-MpThreat 1.0 Defender Function Set-MpPreference 1.0 Defender Function Start-MpRollback 1.0 Defender Function Start-MpScan 1.0 Defender Function Start-MpWDOScan 1.0 Defender Function Update-MpSignature 1.0 Defender ``` ## Check for running Microsoft Defender services ```powershell Get-Service SecurityHealthService, WinDefend, Sense, WdNisSvc | Select-Object Name,DisplayName,Status ``` `Get-MpComputerStatus` allows you to display the current status of Windows Defender: enabled options, virus definition date and version, last scan time, and others. ![](https://1029482190-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVonnsWh96xLbzU5ncJWZ%2Fuploads%2FA4VHOlM82chmZsJY0A8Z%2Fimage.png?alt=media\&token=a9e470bd-0c6c-42fc-a5a7-913c48b1d04d) To quickly check if Windows Defender is running on your computer and find out the last antivirus definition update date, run the following PowerShell command: ```powershell Get-MpComputerStatus | Select-Object -Property Antivirusenabled,AMServiceEnabled,AntispywareEnabled,BehaviorMonitorEnabled,IoavProtectionEnabled,NISEnabled,OnAccessProtectionEnabled,RealTimeProtectionEnabled,AntivirusSignatureLastUpdated ``` ## Disable Realtime monitoring altogether ```powershell Set-MpPreference -DisableRealtimeMonitoring $true ``` ## References {% embed url="" %}